Vulmon
web management portal vulnerabilities and exploits
3.5
CVSSv2
CVE-2012-5939
Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x prior to 7.2.1.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
Ibm Tivoli Application Dependency Discovery Manager 7.2.0.0
Ibm Tivoli Application Dependency Discovery Manager 7.2.1
Ibm Tivoli Application Dependency Discovery Manager 7.2.1.3
NA
CVE-2024-22936
Cross-site scripting (XSS) vulnerability in Parents & Student Portal in Genesis School Management Systems in Genesis AIMS Student Information Systems v.3053 allows remote malicious users to inject arbitrary web script or HTML via the message parameter.
NA
CVE-2023-25569
Apollo is a configuration management system. Prior to version 2.1.0, a low-privileged user can create a special web page. If an authenticated portal admin visits this page, the page can silently send a request to assign new roles for that user without any confirmation from the Po...
Apolloconfig Apollo
4.9
CVSSv2
CVE-2020-27690
The Relish (Verve Connect) VH510 device with firmware prior to 1.0.1.6L0516 contains a buffer overflow within its web management portal. When a POST request is sent to /boaform/admin/formDOMAINBLK with a large blkDomain value, the Boa server crashes.
Imomobile Verve Connect Vh510 Firmware
NA
CVE-2023-3453
In ETIC Telecom RAS versions 4.7.0 and prior, the web management portal authentication is disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.
Etictelecom Remote Access Server Firmware
3.5
CVSSv2
CVE-2012-5942
Cross-site scripting (XSS) vulnerability in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x prior to 7.2.1.4 allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vecto...
Ibm Tivoli Application Dependency Discovery Manager 7.2.0.0
Ibm Tivoli Application Dependency Discovery Manager 7.2.1
Ibm Tivoli Application Dependency Discovery Manager 7.2.1.3
4.3
CVSSv2
CVE-2021-21407
Combodo iTop is an open source, web based IT Service Management tool. Prior to version 2.7.4, the CSRF token validation can be bypassed through iTop portal via a tricky browser procedure. The vulnerability is patched in version 2.7.4 and 3.0.0.
Combodo Itop
5
CVSSv2
CVE-2017-7258
HTTP Exploit in eMLi Portal in AuroMeera Technometrix Pvt. Ltd. eMLi allows a malicious user to View Restricted Information or (even more seriously) execute powerful commands on the web server which can lead to a full compromise of the system via Directory Path Traversal, as dem...
Auromeera Emli 1.0
4
CVSSv2
CVE-2020-15219
Combodo iTop is a web based IT Service Management tool. In iTop prior to 2.7.2 and 3.0.0, when a download error is triggered in the user portal, an SQL query is displayed to the user. This is fixed in versions 2.7.2 and 3.0.0.
Combodo Itop
Combodo Itop 3.0.0
6.5
CVSSv2
CVE-2015-0611
The administrative web-management portal in Cisco IX 8 (.0.1) and previous versions on Cisco TelePresence IX5000 devices does not properly restrict the device-recovery account's access, which allows remote authenticated users to obtain HelpDesk-equivalent privileges by lever...
Cisco Telepresence System Software Ix 8.0.0
Cisco Telepresence System Software Ix 8.0.1